1. Field of the Invention
The present invention relates to an apparatus and method for detecting a malicious file in a mobile terminal, and more particularly, to an apparatus and method for detecting a malicious file that initiates communication in a mobile terminal without a user's approval.
2. Discussion of Related Art
Recent developments in information technology (IT) have helped to dissolve environmental restrictions on the use of computers and the Internet. That is, due to progress towards a ubiquitous computing environment, various types of communication environment are being presented to users.
Increasing dependence on IT industries and diversity of communication environments has caused malicious codes (e.g., viruses, worms, etc.) that were confined to the Internet to spread into almost all kinds of mobile communication terminals. Such malicious codes are becoming a new problem for terminals used for wireless communication.
Such malicious codes that are executed in mobile terminals attempt to make phone calls or transmit text messages without the user's agreement. This can incur communication charges as well as cause personal harm.
Thus, various techniques are being disclosed to detect such malicious codes. Most recent antivirus solutions are using the pattern matching technique for detecting a malicious code. Pattern matching is the act of checking for the presence of the constituents of a given pattern. It can only find the known pattern that we have ever discovered. The limitation of pattern matching is that it could not detect the new types of malicious code.
While damage caused by such malicious codes has been mainly reported in high-quality European terminals using an asynchronous system (e.g., GSM), none has yet been reported in terminals using a synchronous system (e.g., CDMA). However, it is expected that synchronous terminals will soon fall target to malicious codes as well.
For this reason, a method for detecting new types of malicious codes is needed.